A bot is an automated piece of software that is resident on a compromised host which is usually intended to fulfil a purpose that is malicious in intent. The nature of the bot is that the owner of the compromised host is unaware of its existence and it also protects the bot’s controller from identification. A botnet is a collection of such compromised hosts under the control of one or more third parties (Kurose & Ross (2010, p57)).

In order to create a botnet it is necessary to either encourage a host to download the bot or to force install it onto a target host on a large scale where the result is many compromised hosts. This widespread creation of a botnet is usually undertaken by malware installing web services (e.g. web sites) or email communications with attachments where the user is informed that they are performing a legitimate task for legitimate reasons when in actual fact they are allowing the bot to be installed or opening up a way for the botnet to be installed in the future.

There are many uses of botnets from the wide collection of personal and sensitive data without the user’s knowledge and the delivery to the botnet owner to the botnet, a as whole collection of processing power, being used to perform malicious attacks on other systems. An example of such and attach would be a Distributed Denial of Service (DDoS) attack whereby the botnet controller could instruct the botnet to flood a target system or many systems with requests. The target system(s) would be unable to handle the sheer number of requests, including any valid ones, and would effectively shut down until such time as it was able to service requests again. Should the botnet still be actively sending requests then it can remove that service from its valid users for a considerable period of time.